#include "netdissect.h"
#include "interface.h"
#include "addrtoname.h"
-#include "machdep.h"
#include "pcap-missing.h"
#include "ascii_strcasecmp.h"
int i;
if (pcap_findalldevs_ex(remote_interfaces_source, NULL, &devlist,
- ebuf) < 0)
+ ebuf) < 0) {
+ if (strcmp(ebuf, "not supported") == 0) {
+ /*
+ * macOS 14's pcap_findalldevs_ex(), which is a
+ * stub that always returns -1 with an error
+ * message of "not supported".
+ *
+ * In this case, as we passed it an rpcap://
+ * URL, treat that as meaning "remote capture
+ * not supported".
+ */
+ error("Remote capture not supported");
+ }
error("%s", ebuf);
+ }
for (i = 0, dev = devlist; dev != NULL; i++, dev = dev->next) {
printf("%d.%s", i+1, dev->name);
if (dev->description != NULL)
#define OPTION_FP_TYPE 135
#define OPTION_COUNT 136
#define OPTION_PRINT_SAMPLING 137
+#define OPTION_LENGTHS 138
static const struct option longopts[] = {
#if defined(HAVE_PCAP_CREATE) || defined(_WIN32)
{ "number", no_argument, NULL, '#' },
{ "print", no_argument, NULL, OPTION_PRINT },
{ "print-sampling", required_argument, NULL, OPTION_PRINT_SAMPLING },
+ { "lengths", no_argument, NULL, OPTION_LENGTHS },
{ "version", no_argument, NULL, OPTION_VERSION },
{ NULL, 0, NULL, 0 }
};
#ifdef HAVE_PCAP_FINDALLDEVS_EX
-#define LIST_REMOTE_INTERFACES_USAGE "[ --list-remote-interfaces remote-source ]"
+#define LIST_REMOTE_INTERFACES_USAGE " [ --list-remote-interfaces remote-source ]"
#else
#define LIST_REMOTE_INTERFACES_USAGE
#endif
} else
error("Couldn't find user '%.32s'", username);
#ifdef HAVE_LIBCAP_NG
- /* We don't need CAP_SETUID, CAP_SETGID and CAP_SYS_CHROOT any more. */
+ /* We don't need CAP_SETUID, CAP_SETGID and CAP_SYS_CHROOT anymore. */
DIAG_OFF_ASSIGN_ENUM
capng_updatev(
CAPNG_DROP,
* along the lines of ioctl(), the fact that ioctl() operations are
* largely specific to particular character devices but fcntl() operations
* are either generic to all descriptors or generic to all descriptors for
- * regular files nonwithstanding.
+ * regular files notwithstanding.
*
* The Capsicum people decided that fine-grained control of descriptor
* operations was required, so that you need to grant permission for
* that requires that it be able to do an F_GETFL fcntl() to read
* the O_ flags.
*
- * Tcpdump uses ftell() to determine how much data has been written
+ * tcpdump uses ftell() to determine how much data has been written
* to a file in order to, when used with -C, determine when it's time
* to rotate capture files. ftell() therefore needs to do an lseek()
* to find out the file offset and must, thanks to the aforementioned
pflag ? 0 : PCAP_OPENFLAG_PROMISCUOUS, timeout, NULL,
ebuf);
if (pc == NULL) {
+ /*
+ * macOS 14's pcap_pcap_open(), which is a
+ * stub that always returns NULL with an error
+ * message of "not supported".
+ *
+ * In this case, as we passed it an rpcap://
+ * URL, treat that as meaning "remote capture
+ * not supported".
+ */
+ if (strcmp(ebuf, "not supported") == 0)
+ error("Remote capture not supported");
+
/*
* If this failed with "No such device" or "The system
* cannot find the device specified", that means
if (status != 0)
error("%s: pcap_setdirection() failed: %s",
device, pcap_geterr(pc));
- }
+ }
#endif /* HAVE_PCAP_SETDIRECTION */
#else /* HAVE_PCAP_CREATE */
*ebuf = '\0';
#endif
/*
- * On platforms where the CPU doesn't support unaligned loads,
- * force unaligned accesses to abort with SIGBUS, rather than
- * being fixed up (slowly) by the OS kernel; on those platforms,
- * misaligned accesses are bugs, and we want tcpdump to crash so
- * that the bugs are reported.
+ * An explicit tzset() call is usually not needed as it happens
+ * implicitly the first time we call localtime() or mktime(),
+ * but in some cases (sandboxing, chroot) this may be too late.
*/
- if (abort_on_misalignment(ebuf, sizeof(ebuf)) < 0)
- error("%s", ebuf);
+ tzset();
while (
(op = getopt_long(argc, argv, SHORTOPTS, longopts, NULL)) != -1)
if (nd_load_smi_module(optarg, ebuf, sizeof(ebuf)) == -1)
error("%s", ebuf);
} else {
- (void)fprintf(stderr, "%s: ignoring option `-m %s' ",
+ (void)fprintf(stderr, "%s: ignoring option '-m %s' ",
program_name, optarg);
(void)fprintf(stderr, "(no libsmi support)\n");
}
else if (ascii_strcasecmp(optarg, "inout") == 0)
Qflag = PCAP_D_INOUT;
else
- error("unknown capture direction `%s'", optarg);
+ error("unknown capture direction '%s'", optarg);
break;
#endif /* HAVE_PCAP_SETDIRECTION */
else if (ascii_strcasecmp(optarg, "quic") == 0)
ndo->ndo_packettype = PT_QUIC;
else
- error("unknown packet type `%s'", optarg);
+ error("unknown packet type '%s'", optarg);
break;
case 'u':
ndo->ndo_packet_number = 1;
break;
+ case OPTION_LENGTHS:
+ ndo->ndo_lengths = 1;
+ break;
+
case OPTION_VERSION:
print_version(stdout);
exit_tcpdump(S_SUCCESS);
show_remote_devices_and_exit();
#endif
-#if defined(DLT_LINUX_SLL2) && defined(HAVE_PCAP_SET_DATALINK)
-/* Set default linktype DLT_LINUX_SLL2 when capturing on the "any" device */
- if (device != NULL &&
- strncmp (device, "any", strlen("any")) == 0
- && yflag_dlt == -1)
- yflag_dlt = DLT_LINUX_SLL2;
-#endif
-
switch (ndo->ndo_tflag) {
case 0: /* Default */
/* Run with '-Z root' to restore old behaviour */
if (!username)
username = WITH_USER;
+ else if (strcmp(username, "root") == 0)
+ username = NULL;
}
#endif
pcap_datalink_val_to_name(yflag_dlt));
(void)fflush(stderr);
}
+#if defined(DLT_LINUX_SLL2) && defined(HAVE_PCAP_SET_DATALINK)
+ else {
+ /*
+ * Attempt to set default linktype to
+ * DLT_LINUX_SLL2 when capturing on the
+ * "any" device.
+ *
+ * If the attempt fails, just quietly drive
+ * on; this may be a non-Linux "any" device
+ * that doesn't support DLT_LINUX_SLL2.
+ */
+ if (strcmp(device, "any") == 0) {
+DIAG_OFF_WARN_UNUSED_RESULT
+ (void) pcap_set_datalink(pd, DLT_LINUX_SLL2);
+DIAG_ON_WARN_UNUSED_RESULT
+ }
+ }
+#endif
i = pcap_snapshot(pd);
if (ndo->ndo_snaplen < i) {
if (ndo->ndo_snaplen != 0)
* devices, and can't just give users that permission,
* you'd make tcpdump set-UID or set-GID).
*
- * Tcpdump doesn't necessarily write only to one savefile;
+ * tcpdump doesn't necessarily write only to one savefile;
* the general only way to allow a -Z instance to write to
* savefiles as the user under whose UID it's run, rather
* than as the user specified with -Z, would thus be to switch
#else
cansandbox = (cansandbox && ndo->ndo_nflag);
#endif /* HAVE_CASPER */
+ cansandbox = (cansandbox && (pcap_fileno(pd) != -1 ||
+ RFileName != NULL));
+
if (cansandbox && cap_enter() < 0 && errno != ENOSYS)
error("unable to enter the capability mode");
#endif /* HAVE_CAPSICUM */
static void
child_cleanup(int signo _U_)
{
- wait(NULL);
+ while (waitpid(-1, NULL, WNOHANG) >= 0);
}
#endif /* HAVE_FORK && HAVE_VFORK */
"\t\t[ -i interface ]" IMMEDIATE_MODE_USAGE j_FLAG_USAGE "\n");
#ifdef HAVE_PCAP_FINDALLDEVS_EX
(void)fprintf(f,
-"\t\t" LIST_REMOTE_INTERFACES_USAGE "\n");
+"\t\t[ --lengths ]" LIST_REMOTE_INTERFACES_USAGE "\n");
#endif
#ifdef USE_LIBSMI
(void)fprintf(f,
projects / tcpdump / blobdiff